Confessions of the QSA: An Introduction to the Payment Card Industry Data Security Standard

MarketScale
MarketScale
Sep 14, 2021
Credit Card Industry Kyle Morris Video PCI DSS QSA Tax compliance Trip Hillman Video Tyler Kern video Weaver: Beyond The Numbers

 

As most in the industry know, a QSA must get certified by the PCI Security Standards Security Council to audit merchants for Payment Card Industry Data Security Standard (PCI DSS) compliance. Created in 2004 by major credit card brands, such as Visa and American Express, the council acts as a form of self-regulation.

So, how did Weaver become an expert on PCI, and what types of solutions does it offer its clients?

On this episode of Weaver: Beyond The Numbers, host Tyler Kern talked with Trip Hillman, Director of Cyber Security Services at Weaver, and Kyle Morris, Manager of IT at Advisory Services at Weaver. The trio dug into insights from Weaver’s Quality Security Assessor and explored how Weaver dove headfirst into PCI.

The PCI DSS applies to organizations that store, process, transmit or could affect the security of cardholder data. Companies that fall under this standard could do a variety of things, such as an annual self-assessment questionnaire, or bring in a third-party, independent QSA to do a full-blown report on compliance audit.

Morris is a QSA and started at Weaver about eight years ago. A few years into his career, they had a client, a service provider, start getting asked by their customers if they knew anything about PCI and the report on compliance. At the time, they hadn’t done anything with it, but decided to figure it out. That morphed into Weaver diving headfirst into PCI.

“We help people with self-assessment questionnaires or SAQs and everything from full-on ROCs for Fortune 50 Cloud Providers to small merchants to SaaS solutions,” Morris said.

Follow us on social media for the latest updates in B2B!

Image

Latest

metacognitive teaching strategies
Just Thinking: How Metacognitive Teaching Strategies Build Critical Thinking and Transfer Knowledge
August 15, 2025

In today’s rapidly changing world, effective leadership in education is about more than managing schools—it’s about inspiring a culture of thinking that empowers both teachers and students. As classrooms adapt to new technologies, diverse learning needs, and shifting societal demands, leaders have the responsibility to guide not just the acquisition of knowledge but the…

Read More
fleet lifecycle management
Fleet Lifecycle Management: Data, Safety Tech, and Timely Refreshes Cut Costs and Maintain Competitiveness
August 14, 2025

Volatile tariffs, inflationary pressures, and advances in fleet lifecycle management are forcing trucking executives to make strategic choices under uncertainty. The decision to replace or upgrade Class 8 trucks is no longer just about cost-per-month—it’s about lifecycle value, operational safety, compliance readiness, and long-term competitiveness. As the EV credit deadline approaches and OEMs release…

Read More
immersive audio technology
From Kansas to Vegas: Immersive Audio Technology at The Sphere to Bring New Life to The Wizard of Oz for a New Generation
August 14, 2025

Audiences worldwide have cherished The Wizard of Oz for over eight decades, but The Wizard of Oz at Sphere is reimagining the classic for today’s technology-driven entertainment world. Las Vegas’ cutting-edge Sphere venue will host an immersive revival, pairing groundbreaking visuals with immersive audio technology that brings the Academy Award-winning score to life in ways…

Read More
Applied Digital AI Data Center
Applied Digital AI Data Center July 2025 Update
August 14, 2025

In the heart of Ellendale, North Dakota, the Applied Digital AI Data Center known as Polaris Forge 1 (Previously ELN02) is steadily emerging as one of the largest purpose-built AI data centers in the United States. This July 2025 site update highlights remarkable progress at the Applied Digital project, designed to set new standards…

Read More
Related
leadership
Software & Technology
Leadership, LatinoProsperity, and the Power of Advocacy with Orson Aguilar
August 14, 2025
power network
Healthcare
The Secrets to Building Your Power Network: Know Your Strengths, Nurture Your Relationships, and Give Without Expectation
August 13, 2025

These days, career success isn’t just about what you know—it’s about who you know, and how you build those connections into a power network. Networking has moved beyond cocktail parties and business cards to become a lifelong skill for finding opportunities, support, and fresh ideas. In fact, researchers have found that women who combine…

Read More
The Purpose Pivot
Healthcare
Welcome to The Purpose Pivot: Where Wellbeing Meets Ambition and Success Finds New Meaning
August 13, 2025

Welcome to The Purpose Pivot, a podcast that dares to challenge the culture of constant hustle by celebrating the transformative power of the pause. Hosted by author and speaker Melissa Gonzalez, and inspired by her newest book of the same name, the show redefines success as a mindful journey that prioritizes health, intuition, and resilience…

Read More